public inbox for gcc-bugs@sourceware.org
* [Bug c/102009] New: ICE: in gimple_call_arg, at gimple.h:3272
@ 2021-08-22 4:16 cnsun at uwaterloo dot ca
2021-08-22 4:22 ` [Bug tree-optimization/102009] [12 Regression] " pinskia at gcc dot gnu.org
` (6 more replies)
0 siblings, 7 replies; 8+ messages in thread
From: cnsun at uwaterloo dot ca @ 2021-08-22 4:16 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Bug ID: 102009
Summary: ICE: in gimple_call_arg, at gimple.h:3272
Product: gcc
Version: 12.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: cnsun at uwaterloo dot ca
Target Milestone: ---
$ gcc-trunk -v
Using built-in specs.
COLLECT_GCC=gcc-trunk
COLLECT_LTO_WRAPPER=/scratch/software/gcc-trunk/libexec/gcc/x86_64-pc-linux-gnu/12.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/configure
--enable-languages=c,c++,lto --enable-checking-yes --enable-multiarch
--prefix=/scratch/software/gcc-trunk --disable-bootstrap
Thread model: posix
Supported LTO compression algorithms: zlib
gcc version 12.0.0 20210821 (experimental) [master revision
:9e103620d:e92d0ff6b5e6d4b95c04fc3e326d40efeb136086] (GCC)
$ cat mutant.c
void *realloc();
ext2fs_resize_mem() { void *p = realloc(p); }
$ gcc-trunk mutant.c
mutant.c:2:1: warning: return type defaults to ‘int’ [-Wimplicit-int]
2 | ext2fs_resize_mem() { void *p = realloc(p); }
| ^~~~~~~~~~~~~~~~~
mutant.c: In function ‘ext2fs_resize_mem’:
mutant.c:2:33: warning: too few arguments to built-in function ‘realloc’
expecting 2 [-Wbuiltin-declaration-mismatch]
2 | ext2fs_resize_mem() { void *p = realloc(p); }
| ^~~~~~~
mutant.c:1:7: note: declared here
1 | void *realloc();
| ^~~~~~~
during GIMPLE pass: waccess
mutant.c:2:1: internal compiler error: in gimple_call_arg, at gimple.h:3272
2 | ext2fs_resize_mem() { void *p = realloc(p); }
| ^~~~~~~~~~~~~~~~~
0x6eab9c gimple_call_arg
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple.h:3272
0x6eab9c gimple_call_arg
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple.h:3270
0x6eab9c gimple_call_arg
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple.h:3280
0x6eab9c call_arg
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple-ssa-warn-access.cc:115
0x6eab9c check_alloca
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple-ssa-warn-access.cc:2492
0x6eab9c check_builtin
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple-ssa-warn-access.cc:2810
0x6eab9c check
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple-ssa-warn-access.cc:3285
0x6eab9c check
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple-ssa-warn-access.cc:3304
0x6eab9c execute
/tmp/tmp.MRrxfWzUCx-gcc-builder/gcc/gcc/gimple-ssa-warn-access.cc:3318
Please submit a full bug report,
with preprocessed source if appropriate.
Please include the complete backtrace with any bug report.
See <https://gcc.gnu.org/bugs/> for instructions.
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272
From: pinskia at gcc dot gnu.org @ 2021-08-22 4:22 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|--- |12.0
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272
From: pinskia at gcc dot gnu.org @ 2021-08-22 4:27 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Last reconfirmed| |2021-08-22
Ever confirmed|0 |1
Status|UNCONFIRMED |NEW
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
This does not make sense:
check_alloca should only be called for BUILT_IN_ALLOCA,
BUILT_IN_ALLOCA_WITH_ALIGN or BUILT_IN_ALLOCA_WITH_ALIGN_AND_MAX
But confirmed.
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: rguenth at gcc dot gnu.org @ 2021-08-23 9:03 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Richard Biener <rguenth at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P1
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: jakub at gcc dot gnu.org @ 2021-11-15 16:41 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org
Status|NEW |ASSIGNED
--- Comment #2 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Created attachment 51799
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=51799&action=edit
gcc12-pr102009.patch
Untested fix.
Unfortunately, this isn't the only spot in that file. While e.g.
maybe_warn_nonstring_arg or pass_waccess::maybe_check_dealloc_call do punt if
nargs is too small, many other places don't care, e.g. look at
pass_waccess::check_strcat and most of the following pass_waccess::check_* calls.
A quick way to fix it all is to punt if !gimple_builtin_call_types_compatible_p
between the builtin fndecl and the call stmt, but I vaguely remember Martin has
opposed that. So the other way is to at least check gimple_call_nargs
is sufficient for each builtin, and be prepared that an argument might have
a completely different type too (e.g. floating point or structure rather than
the expected pointer or size).
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: msebor at gcc dot gnu.org @ 2021-11-15 16:58 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
--- Comment #3 from Martin Sebor <msebor at gcc dot gnu.org> ---
gimple_builtin_call_types_compatible_p() returns false even for calls with
trivial mismatches like an int where a size_t is expected. I would prefer a
less restrictive test that doesn't prevent detecting these bugs in such calls
to functions without a prototype.
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: cvs-commit at gcc dot gnu.org @ 2021-11-16 9:19 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
--- Comment #4 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Jakub Jelinek <jakub@gcc.gnu.org>:
https://gcc.gnu.org/g:eacdfaf7ca07367ede1a0c50aa997953958dabae
commit r12-5294-geacdfaf7ca07367ede1a0c50aa997953958dabae
Author: Jakub Jelinek <jakub@redhat.com>
Date: Tue Nov 16 10:18:25 2021 +0100
waccess: Fix up pass_waccess::check_alloc_size_call [PR102009]
This function punts if the builtins have no arguments, but as can be seen
on the testcase, even if it has some arguments but alloc_size attribute's
arguments point to arguments that aren't passed, we get a warning earlier
from the FE but should punt rather than ICE on it.
Other users of alloc_size attribute e.g. in
tree-object-size.c (alloc_object_size) punt similarly and similarly
even in the same TU maybe_warn_nonstring_arg correctly verifies calls have
enough arguments.
2021-11-16 Jakub Jelinek <jakub@redhat.com>
PR tree-optimization/102009
* gimple-ssa-warn-access.cc (pass_waccess::check_alloc_size_call):
Punt if any of alloc_size arguments is out of bounds vs. number of
call arguments.
* gcc.dg/pr102009.c: New test.
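The bounds check described in the commit message above, as a small stand-alone C model (an added example, not GCC's code and not the committed patch). The structs and function names are hypothetical; attribute positions are 1-based, and realloc's size is assumed to be its second argument, matching the "expecting 2" warning in the report.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical model of a call statement; not GCC's gimple representation. */
struct call_stmt {
    unsigned nargs;      /* number of arguments actually passed */
    const long *args;    /* constant argument values, for simplicity */
};

/* Model of alloc_size (pos1[, pos2]): 1-based positions, 0 means absent. */
struct alloc_size_attr { unsigned pos1, pos2; };

/* Returns the size the attribute describes, or -1 to punt (no analysis). */
long alloc_size_of_call(const struct call_stmt *call,
                        const struct alloc_size_attr *attr)
{
    if (call->nargs == 0 || attr->pos1 == 0)
        return -1;                 /* call passes no arguments at all */

    unsigned idx1 = attr->pos1 - 1;
    unsigned idx2 = attr->pos2 ? attr->pos2 - 1 : idx1;

    /* The attribute may name an argument the call never passed, so the
       index is validated against nargs before args[] is read. */
    if (idx1 >= call->nargs || idx2 >= call->nargs)
        return -1;

    long a = call->args[idx1];
    long b = attr->pos2 ? call->args[idx2] : 1;
    if (a < 0 || b < 0 || (b != 0 && a > LONG_MAX / b))
        return -1;                 /* negative or overflowing size */
    return a * b;
}

/* Constructed sample calls: up to two arguments, one attribute. */
long demo(unsigned nargs, long a0, long a1, unsigned pos1, unsigned pos2)
{
    const long args[2] = { a0, a1 };
    struct call_stmt call = { nargs, args };
    struct alloc_size_attr attr = { pos1, pos2 };
    return alloc_size_of_call(&call, &attr);
}

int main(void)
{
    printf("realloc(p)     -> %ld\n", demo(1, 0, 0, 2, 0));   /* punt */
    printf("realloc(p, 64) -> %ld\n", demo(2, 0, 64, 2, 0));
    printf("calloc(4, 16)  -> %ld\n", demo(2, 4, 16, 1, 2));
    return 0;
}
```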
* [Bug tree-optimization/102009] [12 Regression] ICE: in gimple_call_arg, at gimple.h:3272 by r12-2976
From: jakub at gcc dot gnu.org @ 2021-11-16 11:05 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=102009
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|ASSIGNED |RESOLVED
--- Comment #5 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
Fixed.
Tried strcat etc., but there is:
  if (gimple_call_builtin_p (stmt, BUILT_IN_NORMAL))
    check_builtin (stmt);
which ensures strcat etc. calls make it through to check_strcat etc. only if
they have the right number of arguments.